WO 2004/084073 



PCT/IB2004/000776 



12 

CLAIMS 

1 - Method to secure the execution of at least one module in an electronic 
unit comprising information processing means and information storage 

5 means, characterised in that, during the execution of said module, it 
consists, during the passage by at least one beacon, in storing one or more 
items of information concerning one or more characteristics of said beacon 
and in checking, at at least one check point, the consistency of the 
information stored about all beacons encountered. 

10 

2 - Method to secure at least one module designed to be integrated in an 
electronic unit including information processing means and information 
storage means, characterised in that it integrates automatically in said 
module equipped with a set of directives a set of static data, beacon 

15 functions and verification functions, the first representing a set of valid 
executions, the second calculating dynamically a representation of the 
execution, and the last used to check the consistency of the static and 
dynamic data. 

20 3 - Method according to claim 2, characterised in that it uses the control flow 
graph of the program to be protected to generate the static information used 
by the verification functions. 

4 - Method according to claim 2 or 3, characterised in that a beacon is 
25 information which defines the characteristics of the corresponding passage 

point and/or one or more other passage points. 

5 - Method according to claim 4, characterised in that a beacon is one of the 
following elements, a combination of several of them, or all of them: 

30 - an integer locating the beacon in the code to be protected; 

- a Boolean variable defining whether it is the first or the last beacon; 
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- a data structure characterising, according to the value of a register or 
a given variable, all beacons through which passage will be forbidden 
(using a verification function) in the remaining execution; 

- a data structure characterising, according to the value of a register or 
5 a given variable, all beacons through which passage will be forced 

(using a verification function) in the remaining execution. 

6 - Method according to one of claims 2 to 5, characterised in that a beacon 
function is one which is called by the program at each passage by a beacon 

10 and which will consist in storing dynamically in the shared memory various 
items of information concerning the beacon. 

7 - Method according to claim 6, characterised in that a beacon function is 
one which pushes the beacon onto the stack in the shared memory and/or 

15 one which updates a checksum contained in the shared memory with the 
beacon data. 

8 - Method according to one of claims 2 to 7, characterised in that a history 
verification function is one called at each check point to check the 

20 consistency of the information stored in the shared memory during the 
successive calls of the beacon functions. 

9 - Electronic unit including information processing means and information 
storage means containing at least one module to be executed characterised 
in that it includes the means required, during the execution of said module, 
and during the passage by at least one beacon, to store one or more items 
of information concerning one or more characteristics of said beacon in said 
storage means and means to check, at at least one check point, the 
consistency of the information stored about all beacons encountered. 

10 - Program including program code instructions to execute the steps of the 
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method according to one of claims 1 to 6 when said program is run in an 
electronic unit. 



